Our customers trust Expedock to protect their data. That trust requires a service that is highly secure. As an Expedock customer, you benefit from a service designed, built, maintained, monitored and tested to meet rigorous security, compliance, and privacy requirements.
Expedock offers enterprise-level security features designed to protect and secure customer data.
Role Based Access Control (RBAC) Expedock enforces least privileged access through custom roles that can be scoped to the resource level and to specific actions, giving users only the level of access they need at that time.
Authentication And Authorization Expedock enforces trusted user authentication providers such as Auth0 to ensure best-in-class authorization and authentication practices
Cloud Native Expedock is a fully-managed cloud service. Currently, all of Expedock's services are run and hosted in Amazon Web Services (AWS) or Google Cloud Platform (GCP), so our security policies follow these providers best practices. Expedock does not operate any physical hosting facilities or physical computer hardware of its own.
Restricted Views Expedock implements views for data visualization, which are stored SQL queries that can only access certain data, to limit the exposure of authorized users to underlying data - and with a per-row permission system gating, no user should ever see any data from any client that they do not have access to.
Audit Logging Expedock maintains comprehensive, searchable audit logs of all security-related events including authentication, permissions changes, assumptions of privileges, and more.
Employee Training Expedock conducts rigorous onboarding training to ensure that any employee touching any data is knowledgable, and that employees only access the data they need. Revoking access to all Expedock systems is also a standard part of the employee off-boarding procedure.
Data Encryption
Data Encryption In Transit Data in transitfrom customers to Expedock and from Expedock back to customers is encrypted through TLS 1.2 certificates with HSTS. Certificates are created and managed by AWS Certificate Manager. We secure internal communication using AWS VPC functionality.
Data Encryption At Rest Data is encrypted throughout all of Expedock's services using encryption keys that are managed by AWS Key Management Service (KMS) and are never exposed to anyone, including to Expedock employees
Vulnerability Management
Penetration Testing Expedock has employed a third party firm to perform Penetration testing across our platform. These are run regularly and findings are remediated quickly. Findings can be provided upon request.
Incident Management Expedock has incident management and disaster recovery planning playbooks which are reviewed regularly to ensure they are up to date.
Compliance & Privacy
SOC 2 Expedock is certified to SOC 2 Type II, successfully auditing the operational and security processes of our service and company. Expedock's SOC 2 report is available upon request.
Privacy Policy Expedock details all information about handling customer data in more detail in ourprivacy policy
Vulnerability Reports
For vulnerability reports, please contact us at frphevgl (at) rkcrqbpx (dot) pbz.(ROT13-encoded)
Fully Managed Staffing Solution, Freight BI and Analytics, and End-to-end Automation
Talk to an Expedock Consultant
Let us help you optimize business processes and deliver unrivaled customer experience to your clients.
I think Expedock can help me with...
Please pick as many as applicable
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
